Updated egroupware package fixes security vulnerability
Publication date: 03 Mar 2014Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-2027
Description
eGroupware prior to 1.8.006.20140217 is vulnerable to remote file deletion and possible remote code execution due to user input being passed to PHP's unserialize() method (CVE-2014-2027).
References
SRPMS
3/core
- egroupware-1.8.006.20140217-1.mga3
4/core
- egroupware-1.8.006.20140217-1.mga4